Don't know much about the Switch, but from what I know from my days as a 3DS/Wii U network hacker the certs are, as many others have said, unbruteforcable. I'm pretty sure I remember calculating out how long it would take to try every combination of certificate until you got a working one, and it calculated out to some amount of years with more than 10 digits. So as some people are saying, it's best to just buy a new Switch or use lan-mitm, for now at least.
In the future though, there could be slightly better solutions. You'd probably still have to buy a new Switch, but perhaps we could later figure out how to use the certificate from one Switch on another one. Then if Wall Street Journal's rumors about a Switch Mini are true, maybe you could get one of those for cheap, hack it and then use that cert on a better Switch? That's my theory, at least. I tried doing something like that on 3DS and wasn't able to get there with file modification because the certs were encrypted and I couldn't find a way around that, but I was able to make a custom Nintendo Network module that connected to my server instead of Nintendo's and proxied over the requests using an unbanned cert. I never finished it, but it goes to show that this is possible if you try hard enough.
I haven't looked much into the Switch's side of networking, but for the most part it seems to be a slightly more secure version of Nintendo Network's ideas. It wouldn't be too unplausible to try and get this sort of thing to work later on... and at the very least, if we can't get that working a Wiimmfi sort of thing should at least be possible eventually. Probably. Maybe.
I think.